CVE-2018-12383 log
| Source |
|
| Severity | Low |
| Remote | No |
| Type | Information disclosure |
| Description | A security issue has been found in Thunderbird versions prior to 60.2.1. If a user saved passwords before the move to a new password format and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-782 | thunderbird | 60.0-4 | 60.2.1-1 | Critical | Fixed | FS#60424 |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 18 Oct 2018 | ASA-201810-13 | AVG-782 | thunderbird | Critical | multiple issues |
| References |
|---|
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12383 https://bugzilla.mozilla.org/show_bug.cgi?id=1475775 |